Microsoft Azure Virtual Desktop (AVD) image update process

Below are the steps that I use to update an AVD image in Azure. You’d typically update an image when you need to add an additional application, make a configuration change, run Windows updates or update an application on all of your session hosts.

NOTE: This was captured from a live update so some data like the subscription ID is omitted with white scribbles. This was also a customer that used AVD when it used to be called “Windows Virtual Desktop” so WVD is in a number of the screenshots.

1. In the Azure portal, search for and click on Snapshots.

2. Find the latest version of the image snapshot and click on it, then click “Create Disk”.

3. Set the name as something memorable, for example AVD-GOLD-20h1-v4.2. This describes the disk purpose (AVD), the version of Windows (20H2) and the version of our snapshot, in my case v4.2.

Click Review + create and then Create. Wait for the deployment to complete then click “Go to resource”.

4. Click create VM.

5. Set the virtual machine name to something you’d like; it doesn’t really matter what it is at this stage, as the machine is just used to capture the image later on. Set the license type to Windows client. Tick the box to confirm the license. The rest of the settings should be the same as below. We’ll leave RDP open here but restrict it to our IP address afterwards (step 7).

6. Go to the networking tab, change the virtual network and subnets to the ones where your session hosts reside. Click Review + create and then Create. Wait for the deployment to complete and click Go to Resource.

7. Go to the new virtual machine, then Networking. Edit the RDP rule and set the source IP to your public IP address so that nobody else can try to connect.

8. Scroll down to Reset password, then type in the username and password that you’d like to use for the session hosts. Click Update and wait for the process to finish.

9. Go back to Overview, click Connect and then RDP.

10. Ensure that public IP address is selected then click Download RDP File.

11. Click on the downloaded file (where it appears depends on the browser you are using). Open the RDP file and then log in with the local admin credentials typed in earlier.

12. Make the required changes on the desktop, e.g. Windows Updates or third party app updates.

13. Stop the AVD virtual machine in Azure.
Go to Disks and then click on the disk name.

14. Click Create snapshot.

15. Name the snapshot something that you’d like. I use the format “snap-build-gold-version-presysprep”, e.g. “snap-20h2-gold-v3.2-presysprep”.

Click Review + Create, verify the settings are correct then click Create.
Wait for the “Deployment is in progress” to finish then proceed.

16. Go back to our AVD virtual machine and Start it. Wait for the status to change to Running.

Then reconnect back to the virtual machine. You’ll probably need to click Connect and RDP again to get the new RDP file, as the virtual machine may have lost its public IP when it was stopped.

17. Log in again as the local administrator account.

18. Make the required changes to your image, that may be updates, app installs, app updates etc.
At this stage if you use any antivirus software you may need to generalise it. The vendor will usually provide documentation on generalising their AV within an image.

19. Go to C:\Windows\System32\Sysprep and run sysprep.exe. Choose the options in the screenshot and click OK. The virtual machine will shut down.

20. Back in the Azure portal, go back to the AVD virtual machine. You’ll notice it says Stopped but not Stopped (deallocated). Click Stop at the top to deallocate the machine.
Wait for the status to show Stopped (deallocated).

21. Click Capture.

22. Ensure the resource group is the same as the one where your AVD session hosts reside.
Change the “Share image to Shared image gallery” to No. Select “automatically delete the virtual machine after creating the image”. Change the name to the format “image-AVD-GOLD-build-majorversion-minorversion” e.g. “image-AVD-GOLD-20H2-v3-2”.
Click Review + Create, then Create.

23. Search for Azure Virtual Desktop and click on it.

24. Click on host pools, then click on the host pool name.

25. Click on Registration key and then click Generate new key.

26. Select a date and time that gives enough time to add the new VM.
Click OK. Copy the generated registration key.

27. Click on Session hosts then click on Add.

28. Click Next: Virtual Machines >

29. You now need to select the settings relevant to your deployment.
Resource group: The one where your AVD deployment resides
Name prefix: Something like AVD-Image, e.g. AVD-20H2. This will name your session hosts AVD-20H2-01, AVD-20H2-02, etc.
Virtual machine location: A location of your choosing
Availability options: No infrastructure redundancy required (in my case, you may want to enable this)
Image type: Gallery
Image: Select “See all images”, click “My Items” at the top and click the latest version of the image that you created earlier
Number of VMs: Choose the same amount of session hosts you’d like to create
Boot Diagnostics: Enable with managed storage account (recommended)

Virtual network: Virtual network where your AVD session hosts reside
Subnet: Subnet where your AVD session hosts reside
Network security group: Advanced, then choose the NSG that applies to your existing AVD session hosts

Select which directory you would like to join: Active Directory. You do have the option to choose Azure AD but I won’t be covering that in this blog post.
AD domain join UPN: The account that has AD Join permissions in UPN format e.g. User@Mydomain.local
Password: Password of the account above
Specify domain or unit: Yes
Domain to join: Your domain e.g. mydomain.local
Organization Unit path: For example OU=Windows Virtual Desktop, OU=Computers, OU=CompanyName, DC=mydomain, DC=local

Username: Local admin you created earlier
Password: The same AVD local admin password used earlier

Click Review + create. Confirm the settings are correct then click Create. Wait for the deployment to Complete.

30. Search for “Azure Virtual Desktop” and click on it from the top search bar. Go to the host pool and there should be the additional 4 machines that we created. Turn drain mode on for the new machines straight away to ensure they don’t get new user sessions. When the customer is ready to test, put the old hosts in drain mode and take the new ones out, let them log in then do the opposite.

Once you have confirmed users are happy with testing, shut down the old session hosts and keep for a few days before deleting them completely. Don’t forget to delete the orphaned disks and public IPs left over from this process.
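
As an added example (not part of the original walkthrough), the Python script below audits the two loose ends this process creates: an RDP rule still open to any source (the rule step 7 narrows to your own IP), and the orphaned disks and public IPs mentioned above. It assumes the resources have been exported as JSON with `az network nsg rule list`, `az disk list` and `az network public-ip list`; the sample data and every resource name in it are constructed.

```python
import json

ANY_SOURCE = {"*", "any", "internet", "0.0.0.0/0"}

def covers(spec, port):
    """True if an NSG port spec ('*', '3389', '3000-4000') includes port."""
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def open_rdp_rules(rules, port=3389):
    """Names of inbound Allow rules exposing TCP `port` to any source."""
    hits = []
    for r in rules:
        if (r.get("direction"), r.get("access")) != ("Inbound", "Allow") or \
           str(r.get("protocol", "*")).lower() not in ("*", "tcp"):
            continue
        # Azure stores either the singular field or the plural list.
        ports = [r.get("destinationPortRange")] + (r.get("destinationPortRanges") or [])
        srcs = [r.get("sourceAddressPrefix")] + (r.get("sourceAddressPrefixes") or [])
        if any(p and covers(p, port) for p in ports) and \
           any(s and s.lower() in ANY_SOURCE for s in srcs):
            hits.append(r["name"])
    return hits

def leftovers(disks, public_ips):
    """Disks attached to no VM, and public IPs bound to no NIC or NAT gateway."""
    loose_disks = [d["name"] for d in disks if not d.get("managedBy")]
    loose_ips = [p["name"] for p in public_ips if not (p.get("ipConfiguration") or p.get("natGateway"))]
    return loose_disks, loose_ips

# Constructed sample in the shape of the az CLI JSON output; all names are hypothetical.
SAMPLE = json.loads("""{
 "rules": [
  {"name": "RDP", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
   "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
  {"name": "RDP-admin-only", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
   "sourceAddressPrefix": "203.0.113.10", "destinationPortRange": "3389"},
  {"name": "wide-range", "direction": "Inbound", "access": "Allow", "protocol": "*",
   "sourceAddressPrefixes": ["Internet"], "destinationPortRanges": ["22", "3000-4000"]}],
 "disks": [{"name": "build-disk", "managedBy": null},
           {"name": "host-01-osdisk", "managedBy": "/constructed/vm/host-01"}],
 "public_ips": [{"name": "build-vm-ip", "ipConfiguration": null},
                {"name": "nic-ip", "ipConfiguration": {"id": "/constructed/nic/ipconfig1"}}]
}""")

if __name__ == "__main__":
    print(open_rdp_rules(SAMPLE["rules"]), leftovers(SAMPLE["disks"], SAMPLE["public_ips"]))
```

Review each reported disk before deleting it. The pre-sysprep snapshots from steps 14 and 15 are a separate resource type and are not listed by this check.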